package com.next

import grails.gorm.transactions.Transactional
import org.springframework.security.access.annotation.Secured

@Secured(['ROLE_EVENT_CONFIGURATION', 'ROLE_CONDITION_RULEENGINE', 'ROLE_ADMINISTRATOR', 'ROLE_CUSTOMER_SERVICE_REPRESENTATIVE', 'ROLE_ACCOUNT_MANAGER', 'ROLE_COMPANY_ADMINISTRATOR', 'ROLE_PRODUCT_ADMINISTRATOR', 'ROLE_GENERAL_RISK_MANAGER', 'ROLE_BRANCH_GENERAL_MANAGER', 'ROLE_BRANCH_OFFICE_RISK_MANAGER', 'ROLE_HEAD_OFFICE_RISK_MANAGER', 'ROLE_GENERAL_MANAGER', 'ROLE_CRO', 'ROLE_CEO', 'ROLE_COO', 'ROLE_POST_LOAN_MANAGER', 'ROLE_BRANCH_OFFICE_POST_LOAN_MANAGER', 'ROLE_COMPLIANCE_MANAGER', 'ROLE_INVESTOR'])
@Transactional
class OpportunityCommentsController
{

    def springSecurityService

    @Secured('permitAll')
    def save()
    {
        def comments = new OpportunityComments()
        def username = springSecurityService.getPrincipal().username
        def user = User.findByUsername(username)
        def opportunity = Opportunity.findById(params.opportunityId)
        comments.user = user
        comments.comment = params.comment
        comments.opportunity = opportunity
        comments.save(flush: true)
        redirect(controller: "opportunity", action: "show", params: [id: opportunity?.id])
    }
}
